Ran across an interesting paper today about "crash-only" architectures:
http://www.stanford.edu/~candea/papers/crashonly/crashonly.html
The basic premise is that if all components of a system are always shut
down by "crashing" (e.g. via 'kill -9'), then they have to be designed to
always perform crash recovery on startup. This then leads to design
decisions that result in fast boot times, fast recovery times, and highly
reliable error recovery because you are testing the recovery mechanism
every single time you start it. :)
It's a fascinating concept. I try to follow many of the specific
guidelines already in PEAK, but it's interesting to see these principles
arranged as part of an overall "theory" and ways to connect them together.